Vulnerabilities > Progea

DATE CVE VULNERABILITY TITLE RISK
2017-10-19 CVE-2017-14019 Unquoted Search Path or Element vulnerability in Progea Movicon 11.5.1181
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior.
local
low complexity
progea CWE-428
4.6
2017-10-19 CVE-2017-14017 Uncontrolled Search Path Element vulnerability in Progea Movicon 11.4/11.4.1150/11.5.1181
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior.
local
low complexity
progea CWE-427
4.6
2014-04-19 CVE-2014-0778 Information Exposure vulnerability in Progea Movicon 11.4
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
network
low complexity
progea CWE-200
5.0
2012-05-14 CVE-2012-1804 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Progea Movicon
The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request.
network
low complexity
progea CWE-119
7.8
2011-09-16 CVE-2011-3499 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Progea Movicon Powerhmi 11/11.0.1017
Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.
network
low complexity
progea CWE-119
critical
10.0
2011-09-16 CVE-2011-3498 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Progea Movicon Powerhmi 11/11.0.1017
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
network
low complexity
progea CWE-119
critical
10.0
2011-09-16 CVE-2011-3491 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Progea Movicon Powerhmi 11/11.0.1017
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
network
low complexity
progea CWE-119
critical
10.0
2011-07-29 CVE-2011-2963 Improper Authentication vulnerability in Progea Movicon 11.2
TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.
network
low complexity
progea CWE-287
critical
10.0